Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/vcdimager-2.0.1+dfsg/example/info2.cpp
Examining data/vcdimager-2.0.1+dfsg/example/info1.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dtd.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_minfo.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcdxml.h
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_build.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_common.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dtd.h
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.h
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.h
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_common.h
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_master.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_master.h
Examining data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c
Examining data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c
Examining data/vcdimager-2.0.1+dfsg/frontends/cli/vcdimager.c
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/types.h
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/files.h
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/inf.h
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/logging.h
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/version.h
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/sector.h
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/info.h
Examining data/vcdimager-2.0.1+dfsg/test/check_bitfield.c
Examining data/vcdimager-2.0.1+dfsg/test/check_sizeof.c
Examining data/vcdimager-2.0.1+dfsg/test/testvcd.c
Examining data/vcdimager-2.0.1+dfsg/test/testassert.c
Examining data/vcdimager-2.0.1+dfsg/test/mpegscan2.c
Examining data/vcdimager-2.0.1+dfsg/test/testimage.c
Examining data/vcdimager-2.0.1+dfsg/test/mpegscan.c
Examining data/vcdimager-2.0.1+dfsg/lib/vcd_read.c
Examining data/vcdimager-2.0.1+dfsg/lib/pbc.h
Examining data/vcdimager-2.0.1+dfsg/lib/stream_stdio.h
Examining data/vcdimager-2.0.1+dfsg/lib/mpeg.h
Examining data/vcdimager-2.0.1+dfsg/lib/util.h
Examining data/vcdimager-2.0.1+dfsg/lib/image_cdrdao.c
Examining data/vcdimager-2.0.1+dfsg/lib/data_structures.h
Examining data/vcdimager-2.0.1+dfsg/lib/mpeg_stream.h
Examining data/vcdimager-2.0.1+dfsg/lib/image_nrg.c
Examining data/vcdimager-2.0.1+dfsg/lib/stream_stdio.c
Examining data/vcdimager-2.0.1+dfsg/lib/vcd_assert.h
Examining data/vcdimager-2.0.1+dfsg/lib/stream.c
Examining data/vcdimager-2.0.1+dfsg/lib/sector_private.h
Examining data/vcdimager-2.0.1+dfsg/lib/vcd_read.h
Examining data/vcdimager-2.0.1+dfsg/lib/salloc.c
Examining data/vcdimager-2.0.1+dfsg/lib/stream.h
Examining data/vcdimager-2.0.1+dfsg/lib/data_structures.c
Examining data/vcdimager-2.0.1+dfsg/lib/inf.c
Examining data/vcdimager-2.0.1+dfsg/lib/image.c
Examining data/vcdimager-2.0.1+dfsg/lib/vcd.c
Examining data/vcdimager-2.0.1+dfsg/lib/image_bincue.c
Examining data/vcdimager-2.0.1+dfsg/lib/obj.h
Examining data/vcdimager-2.0.1+dfsg/lib/mpeg.c
Examining data/vcdimager-2.0.1+dfsg/lib/directory.c
Examining data/vcdimager-2.0.1+dfsg/lib/files.c
Examining data/vcdimager-2.0.1+dfsg/lib/sector.c
Examining data/vcdimager-2.0.1+dfsg/lib/logging.c
Examining data/vcdimager-2.0.1+dfsg/lib/vcd.h
Examining data/vcdimager-2.0.1+dfsg/lib/directory.h
Examining data/vcdimager-2.0.1+dfsg/lib/info_private.h
Examining data/vcdimager-2.0.1+dfsg/lib/dict.h
Examining data/vcdimager-2.0.1+dfsg/lib/info_private.c
Examining data/vcdimager-2.0.1+dfsg/lib/bitvec.h
Examining data/vcdimager-2.0.1+dfsg/lib/pbc.c
Examining data/vcdimager-2.0.1+dfsg/lib/mpeg_stream.c
Examining data/vcdimager-2.0.1+dfsg/lib/image_sink.h
Examining data/vcdimager-2.0.1+dfsg/lib/salloc.h
Examining data/vcdimager-2.0.1+dfsg/lib/info.c
Examining data/vcdimager-2.0.1+dfsg/lib/util.c

FINAL RESULTS:

data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:237:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (strbuf, _buf);

data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:326:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stdout, vcd_version_string (true), "cdxa2mpeg");

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:243:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stdout,

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:288:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stdout,

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:444:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stdout,

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:473:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stdout, n % 8 ? "%d" : " %d",

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:479:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stdout,

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:498:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stdout,

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:592:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stdout,

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1079:34:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1085:34:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1091:34:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1097:34:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1108:42:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1112:38:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1121:42:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1124:38:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1133:38:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1136:34:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1144:38:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1154:38:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1159:30:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1175:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1223:38:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1231:34:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (!gl.show.no.delimiter) fprintf (stdout, DELIM);

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1576:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stdout, vcd_version_string (true), "vcd-info");

data/vcdimager-2.0.1+dfsg/frontends/cli/vcdimager.c:286:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stdout, vcd_version_string (true), "vcdimager");

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_common.c:218:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stdout, vcd_version_string (true), vcd_xml_progname);

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:541:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retval, argv[idx]);

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:178:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (buf, pathname);

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:180:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (buf, dentry->d_name);

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:182:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (iso_name, dentry->d_name);

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_master.c:52:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tmp, prefix);

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_master.c:53:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (tmp, pathname);

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_minfo.c:71:7:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf (buf, sizeof (buf), fmt, args);

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_minfo.c:115:7:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf (buf, sizeof (buf), fmt, args);

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:648:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (_tmp, path);

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:649:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (_tmp, _name);

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:689:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (new_path, path);

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:690:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (new_path, (const char *) _tmp);

data/vcdimager-2.0.1+dfsg/lib/logging.c:101:3:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(buf, sizeof(buf)-1, format, args);

data/vcdimager-2.0.1+dfsg/lib/stream.c:122:9:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  len = vsnprintf (buf, sizeof(buf), format, args);

data/vcdimager-2.0.1+dfsg/lib/util.c:82:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (new_str, delim);

data/vcdimager-2.0.1+dfsg/lib/util.c:83:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (new_str, strv[n]);

data/vcdimager-2.0.1+dfsg/lib/vcd.c:1338:7:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf (segment_pathname, sizeof (segment_pathname), fmt, n);

data/vcdimager-2.0.1+dfsg/lib/vcd.c:1437:7:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf (avseq_pathname, sizeof (avseq_pathname), fmt, n + 1);

data/vcdimager-2.0.1+dfsg/test/testvcd.c:77:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(cmd, sizeof(cmd), FRONTEND_DIR "cli/vcd-info -i %s", psz_source);

data/vcdimager-2.0.1+dfsg/test/testvcd.c:78:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  i_rc = system(cmd);

data/vcdimager-2.0.1+dfsg/test/testvcd.c:85:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(cmd, sizeof(cmd),

data/vcdimager-2.0.1+dfsg/test/testvcd.c:87:13:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  i_rc2 = system(cmd);

data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:235:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _buf[7] = { 0, };

data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:249:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  handle (riff_context *ctxt, char id[4])

data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:252:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char id[4];

data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:274:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char id[4] = { 0, };

data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:347:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  in = fopen (args[0], "rb");

data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:363:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  out = fopen (args[1], "wb");

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:943:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _fullname[4096] = { 0, };

data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1331:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[30];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_build.c:279:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024] = { 0, };

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_build.c:321:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024] = { 0, }, *buf2;

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:132:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[16];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:155:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:295:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[80];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:337:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[80];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:349:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[80];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:370:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[80];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:168:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024] = { 0, };

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:169:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char iso_name[1024] = { 0, };

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:212:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[16];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:222:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[16];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_minfo.c:45:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *_TAG_STACK[16];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_minfo.c:69:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024] = { 0, };

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_minfo.c:113:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024] = { 0, };

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_minfo.c:252:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(_TAG_FD = fopen (_output_file, "w")))

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:100:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namebuf2[strlen (namebuf) + 2];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:153:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _fullname[4096] = { 0, };

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:267:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[80];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:321:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[80];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:343:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[80];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:387:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[80];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:415:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[80];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:896:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(outfd = fopen (_fs->file_src, "wb")))

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:904:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[blocksize];

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:958:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(outfd = fopen (p_seg->src, "wb")))

data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:1074:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(outfd = fopen (_seq->src, "wb")))

data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:54:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ID[8]; /**< "ENTRYVCD" or "ENTRYSVD" */

data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:188:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ID[8]; /**< const "VIDEO_CD" for

data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:200:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char album_desc[16]; /**< album identification/desc. */

data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:224:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char reserved[2]; /**< Reserved, must be zero */

data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:411:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_id[sizeof(TRACKS_SVD_FILE_ID)-1]; /**< == "TRACKSVD" with out

data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:433:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_id[sizeof(TRACKS_SVD_FILE_ID)-1]; /**< == "TRACKSVD" */

data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:457:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_id[sizeof(SEARCH_FILE_ID)-1]; /**< == "SEARCHSV" without final

data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:477:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_id[sizeof(SPICONTX_FILE_ID)-1]; /**< = "SPICONSV" without final

data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:497:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_id[sizeof(SCANDATA_FILE_ID)-1]; /**< == "SCAN_VCD" without final

data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:516:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_id[sizeof(SCANDATA_FILE_ID)-1]; /**< == "SCAN_VCD" without final

data/vcdimager-2.0.1+dfsg/lib/files.c:231:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, &entries_vcd, sizeof(entries_vcd));

data/vcdimager-2.0.1+dfsg/lib/files.c:311:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, lot_vcd, sizeof(LotVcd_t));

data/vcdimager-2.0.1+dfsg/lib/files.c:462:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, &info_vcd, sizeof(info_vcd));

data/vcdimager-2.0.1+dfsg/lib/files.c:468:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tracks_svd_buf[ISO_BLOCKSIZE] = { 0, };

data/vcdimager-2.0.1+dfsg/lib/files.c:474:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (tracks_svd->file_id, TRACKS_SVD_FILE_ID,

data/vcdimager-2.0.1+dfsg/lib/files.c:516:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (buf, &tracks_svd_buf, sizeof(tracks_svd_buf));

data/vcdimager-2.0.1+dfsg/lib/files.c:522:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tracks_svd[ISO_BLOCKSIZE] = { 0, };

data/vcdimager-2.0.1+dfsg/lib/files.c:538:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy (tracks_svd1->file_id, TRACKS_SVD_FILE_ID, data/vcdimager-2.0.1+dfsg/lib/files.c:589:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf, &tracks_svd, sizeof(tracks_svd)); data/vcdimager-2.0.1+dfsg/lib/files.c:746:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf, &search_dat, sizeof (search_dat)); data/vcdimager-2.0.1+dfsg/lib/image_cdrdao.c:223:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096] = { 0, }; data/vcdimager-2.0.1+dfsg/lib/image_nrg.c:85:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[EMPTY_ARRAY_SIZE] ; data/vcdimager-2.0.1+dfsg/lib/inf.c:70:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char _buf[BUF_COUNT][BUF_SIZE]; data/vcdimager-2.0.1+dfsg/lib/info.c:67:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char _buf[BUF_COUNT][BUF_SIZE]; data/vcdimager-2.0.1+dfsg/lib/info.c:226:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *audio_types[3][5] = data/vcdimager-2.0.1+dfsg/lib/info.c:344:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (buf, "??"); data/vcdimager-2.0.1+dfsg/lib/info.c:1559:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char psz_vol_id[ISO_MAX_VOLUME_ID+1] = {'\0'}; data/vcdimager-2.0.1+dfsg/lib/info.c:1575:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char volume_set_id[ISO_MAX_VOLUMESET_ID+1] = {'\0'}; data/vcdimager-2.0.1+dfsg/lib/info.c:1802:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; data/vcdimager-2.0.1+dfsg/lib/logging.c:93:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024] = { 0, }; data/vcdimager-2.0.1+dfsg/lib/mpeg.c:267:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[16]; data/vcdimager-2.0.1+dfsg/lib/mpeg_stream.c:148:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2324] = { 0, }; data/vcdimager-2.0.1+dfsg/lib/mpeg_stream.c:405:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2324] = { 0, }; data/vcdimager-2.0.1+dfsg/lib/mpeg_stream.c:448:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (packet_buf, buf, pkt_len); data/vcdimager-2.0.1+dfsg/lib/sector.c:177:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (raw_sector->sync, sync_pattern, sizeof (sync_pattern)); data/vcdimager-2.0.1+dfsg/lib/sector.c:232:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy ((char*)raw_sector+CDIO_CD_XA_SYNC_HEADER, data, data/vcdimager-2.0.1+dfsg/lib/sector.c:238:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ((char*)raw_sector+CDIO_CD_XA_SYNC_HEADER, data, data/vcdimager-2.0.1+dfsg/lib/sector.c:253:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ((char*)raw_sector+12+4, data, M2RAW_SECTOR_SIZE); data/vcdimager-2.0.1+dfsg/lib/stream.c:59:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (obj->op.open(obj->user_data)) data/vcdimager-2.0.1+dfsg/lib/stream.c:76:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(new_obj->op), funcs, sizeof(vcd_data_sink_io_functions)); data/vcdimager-2.0.1+dfsg/lib/stream.c:115:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096] = { 0, }; data/vcdimager-2.0.1+dfsg/lib/stream.c:173:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (obj->op.open(obj->user_data)) data/vcdimager-2.0.1+dfsg/lib/stream.c:213:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(&(new_obj->op), funcs, sizeof(vcd_data_source_io_functions)); data/vcdimager-2.0.1+dfsg/lib/stream.h:54:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). vcd_data_open_t open; data/vcdimager-2.0.1+dfsg/lib/stream.h:85:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). vcd_data_open_t open; data/vcdimager-2.0.1+dfsg/lib/stream_stdio.c:52:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((ud->fd = fopen (ud->pathname, "rb"))) data/vcdimager-2.0.1+dfsg/lib/stream_stdio.c:66:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((ud->fd = fopen (ud->pathname, "wb"))) data/vcdimager-2.0.1+dfsg/lib/util.c:95:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _delim[2] = { 0, 0 }; data/vcdimager-2.0.1+dfsg/lib/util.c:141:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (new_mem, mem, count); data/vcdimager-2.0.1+dfsg/lib/vcd.c:55:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char zero[CDIO_CD_FRAMESIZE_RAW] = { 0, }; data/vcdimager-2.0.1+dfsg/lib/vcd.c:1319:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char segment_pathname[128] = { 0, }; data/vcdimager-2.0.1+dfsg/lib/vcd.c:1398:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char avseq_pathname[128] = { 0, }; data/vcdimager-2.0.1+dfsg/lib/vcd.c:1523:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[CDIO_CD_FRAMESIZE_RAW] = { 0, }; data/vcdimager-2.0.1+dfsg/lib/vcd.c:1539:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[CDIO_CD_FRAMESIZE_RAW] = { 0, }; data/vcdimager-2.0.1+dfsg/lib/vcd.c:1564:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[M2RAW_SECTOR_SIZE] = { 0, }; data/vcdimager-2.0.1+dfsg/lib/vcd.c:1593:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[CDIO_CD_FRAMESIZE] = { 0, }; data/vcdimager-2.0.1+dfsg/lib/vcd.c:1618:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2324]; data/vcdimager-2.0.1+dfsg/lib/vcd.c:1651:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024] = { 0, }; data/vcdimager-2.0.1+dfsg/lib/vcd.c:1675:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024] = { 0, }, buf2[1024] = { 0, }; data/vcdimager-2.0.1+dfsg/test/mpegscan2.c:80:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[2324]; data/vcdimager-2.0.1+dfsg/test/testimage.c:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[M2RAW_SECTOR_SIZE]; data/vcdimager-2.0.1+dfsg/test/testimage.c:60:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lsn = atoi (argv[3]); data/vcdimager-2.0.1+dfsg/test/testimage.c:83:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = fopen ("testimage.out", "wb"); data/vcdimager-2.0.1+dfsg/test/testvcd.c:59:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1024]; data/vcdimager-2.0.1+dfsg/example/info1.c:84:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen (ISO_STANDARD_ID))) data/vcdimager-2.0.1+dfsg/example/info2.cpp:84:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strlen (ISO_STANDARD_ID))) data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:947:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat (_fullname, "/", sizeof (_fullname)-strlen(_fullname)-1); data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:947:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat (_fullname, "/", sizeof (_fullname)-strlen(_fullname)-1); data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1016:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen (ISO_STANDARD_ID))) data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_build.c:280:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (buf, opt_arg, sizeof (buf)); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_build.c:281:4: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat (buf, ".toc", sizeof (buf)-strlen(buf)-1); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_build.c:281:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncat (buf, ".toc", sizeof (buf)-strlen(buf)-1); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_build.c:324:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (buf, opt_arg, sizeof (buf)); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_common.c:237:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = (int) strlen (in) + 1; data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dtd.c:57:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen (videocd_dtd), data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:533:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (retval); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:537:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen (argv[idx]) + 1; data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:542:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (retval, " "); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:179:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat (buf, "/"); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:189:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (iso_name, "/"); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_master.c:51:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *tmp = calloc(1, strlen (prefix) + strlen (pathname) + 1); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_master.c:51:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *tmp = calloc(1, strlen (prefix) + strlen (pathname) + 1); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:646:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). _tmp = malloc (strlen (path) + strlen (_name) + 1); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:646:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). _tmp = malloc (strlen (path) + strlen (_name) + 1); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:688:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). new_path = malloc (strlen (path) + xmlStrlen (_tmp) + 1 + 1); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:703:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (new_path, "/"); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:100:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char namebuf2[strlen (namebuf) + 2]; data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:156:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (_fullname, pathname, sizeof (_fullname)); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:157:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat (_fullname, _name, sizeof (_fullname)-strlen(_fullname)-1); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:157:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat (_fullname, _name, sizeof (_fullname)-strlen(_fullname)-1); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:176:2: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat (_fullname, "/", sizeof (_fullname)-strlen(_fullname)-1); data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:176:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncat (_fullname, "/", sizeof (_fullname)-strlen(_fullname)-1); data/vcdimager-2.0.1+dfsg/lib/directory.c:152:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). reclen = iso9660_dir_calc_record_size (strlen (pathname), data/vcdimager-2.0.1+dfsg/lib/info.c:1563:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(psz_vol_id, psz_vol_id2, ISO_MAX_VOLUME_ID); data/vcdimager-2.0.1+dfsg/lib/info.c:1577:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(volume_set_id, p_obj->pvd.volume_set_id, ISO_MAX_VOLUMESET_ID); data/vcdimager-2.0.1+dfsg/lib/info.c:1807:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (buf, str, n); data/vcdimager-2.0.1+dfsg/lib/info.c:1810:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = strlen (buf) - 1; j >= 0; j--) data/vcdimager-2.0.1+dfsg/lib/info.c:1940:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen (ISO_XA_MARKER_STRING)); data/vcdimager-2.0.1+dfsg/lib/info.c:1953:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(*source_name)+1; data/vcdimager-2.0.1+dfsg/lib/info.c:1955:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(p_obj->source_name, *source_name, len); data/vcdimager-2.0.1+dfsg/lib/stream.c:230:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read_bytes = obj->op.read(obj->user_data, ptr, size*nmemb); data/vcdimager-2.0.1+dfsg/lib/stream.h:88:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). vcd_data_read_t read; data/vcdimager-2.0.1+dfsg/lib/stream_stdio.c:128:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). long read; data/vcdimager-2.0.1+dfsg/lib/stream_stdio.c:132:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read != count) data/vcdimager-2.0.1+dfsg/lib/stream_stdio.c:148:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return read; data/vcdimager-2.0.1+dfsg/lib/util.c:69:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (count-1) * strlen (delim); data/vcdimager-2.0.1+dfsg/lib/util.c:72:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen (strv[n]); data/vcdimager-2.0.1+dfsg/lib/vcd.c:856:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (p_obj->iso_volume_label) > ISO_MAX_VOLUME_ID) data/vcdimager-2.0.1+dfsg/lib/vcd.c:867:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen (p_obj->iso_publisher_id) > ISO_MAX_PUBLISHER_ID) data/vcdimager-2.0.1+dfsg/lib/vcd.c:878:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (p_obj->iso_preparer_id) > ISO_MAX_PREPARER_ID) data/vcdimager-2.0.1+dfsg/lib/vcd.c:889:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (p_obj->iso_application_id) > ISO_MAX_APPLICATION_ID) data/vcdimager-2.0.1+dfsg/lib/vcd.c:900:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (p_obj->info_album_id) > 16) data/vcdimager-2.0.1+dfsg/lib/vcd.c:1034:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vcd_assert (strlen (iso_pathname) > 0); data/vcdimager-2.0.1+dfsg/lib/vcd.c:1699:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat (buf2, buf, sizeof(buf2)-strlen(buf2)-i_buf2-1); data/vcdimager-2.0.1+dfsg/lib/vcd.c:1699:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncat (buf2, buf, sizeof(buf2)-strlen(buf2)-i_buf2-1); ANALYSIS SUMMARY: Hits = 200 Lines analyzed = 26982 in approximately 0.70 seconds (38453 lines/second) Physical Source Lines of Code (SLOC) = 18016 Hits@level = [0] 281 [1] 51 [2] 99 [3] 0 [4] 50 [5] 0 Hits@level+ = [0+] 481 [1+] 200 [2+] 149 [3+] 50 [4+] 50 [5+] 0 Hits/KSLOC@level+ = [0+] 26.6985 [1+] 11.1012 [2+] 8.27043 [3+] 2.77531 [4+] 2.77531 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.